[kernel] r13410 - in dists/etch-security/linux-2.6/debian: . patches/bugfix/all patches/series

Mon Apr 13 00:57:24 UTC 2009

Author: dannf
Date: Mon Apr 13 00:57:23 2009
New Revision: 13410

Log:
* skfp: Fix inverted capabilities check logic
   - bugfix/all/skfp-fix-inverted-cap-logic.patch
  See CVE-2009-0675

Added:
   dists/etch-security/linux-2.6/debian/patches/bugfix/all/skfp-fix-inverted-cap-logic.patch
      - copied unchanged from r13406, dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/skfp-fix-inverted-cap-logic.patch
Modified:
   dists/etch-security/linux-2.6/debian/changelog
   dists/etch-security/linux-2.6/debian/patches/series/24etch1

Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================

--- dists/etch-security/linux-2.6/debian/changelog	Mon Apr 13 00:41:19 2009	(r13409)
+++ dists/etch-security/linux-2.6/debian/changelog	Mon Apr 13 00:57:23 2009	(r13410)
@@ -31,6 +31,9 @@
      - bugfix/all/net-SO_BSDCOMPAT-leak.patch
      - bugfix/all/net-SO_BSDCOMPAT-leak-2.patch
     See CVE-2009-0676
+  * skfp: Fix inverted capabilities check logic
+     - bugfix/all/skfp-fix-inverted-cap-logic.patch
+    See CVE-2009-0675
 
  -- dann frazier <dannf at debian.org>  Tue, 24 Feb 2009 23:49:22 -0700
 

Copied: dists/etch-security/linux-2.6/debian/patches/bugfix/all/skfp-fix-inverted-cap-logic.patch (from r13406, dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/skfp-fix-inverted-cap-logic.patch)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/all/skfp-fix-inverted-cap-logic.patch	Mon Apr 13 00:57:23 2009	(r13410, copy of r13406, dists/etch-security/linux-2.6.24/debian/patches/bugfix/all/skfp-fix-inverted-cap-logic.patch)
@@ -0,0 +1,28 @@
+commit c25b9abbc2c2c0da88e180c3933d6e773245815a
+Author: Roel Kluin <roel.kluin at gmail.com>
+Date:   Thu Jan 29 17:32:20 2009 -0800
+
+    drivers/net/skfp: if !capable(CAP_NET_ADMIN): inverted logic
+    
+    Fix inverted logic
+    
+    Signed-off-by: Roel Kluin <roel.kluin at gmail.com>
+    Signed-off-by: David S. Miller <davem at davemloft.net>
+
+Adjusted to apply to Debian's 2.6.24 by dann frazier <dannf at debian.org>
+
+diff -urpN a/drivers/net/skfp/skfddi.c b/drivers/net/skfp/skfddi.c
+--- a/drivers/net/skfp/skfddi.c	2008-01-24 15:58:37.000000000 -0700
++++ b/drivers/net/skfp/skfddi.c	2009-04-05 21:58:20.000000000 -0600
+@@ -998,9 +998,9 @@ static int skfp_ioctl(struct net_device 
+ 		break;
+ 	case SKFP_CLR_STATS:	/* Zero out the driver statistics */
+ 		if (!capable(CAP_NET_ADMIN)) {
+-			memset(&lp->MacStat, 0, sizeof(lp->MacStat));
+-		} else {
+ 			status = -EPERM;
++		} else {
++			memset(&lp->MacStat, 0, sizeof(lp->MacStat));
+ 		}
+ 		break;
+ 	default:

Modified: dists/etch-security/linux-2.6/debian/patches/series/24etch1
==============================================================================
--- dists/etch-security/linux-2.6/debian/patches/series/24etch1	Mon Apr 13 00:41:19 2009	(r13409)
+++ dists/etch-security/linux-2.6/debian/patches/series/24etch1	Mon Apr 13 00:57:23 2009	(r13410)
@@ -70,3 +70,4 @@
 + bugfix/all/CVE-2009-0029/fix-uml-compile.patch
 + bugfix/all/CVE-2009-0029/sparc64-use-syscall-wrappers.patch
 + bugfix/all/CVE-2009-0029/sparc64-wrap-arch-specific-syscalls.patch
++ bugfix/all/skfp-fix-inverted-cap-logic.patch

